Since the launch of the M-series processors and now the C1 cellular modem, Apple has been slowly but surely moving toward complete chip independence. The company is even working on its own Bluetooth and Wi-Fi solution, which is reportedly coming with new Home products and the iPhone 17 lineup in the Fall.
One obvious benefit of developing chips in-house is energy efficiency. Apple toated this with the introduction of Apple Silicon what feels like a hundred years ago, and this week with its first-ever 5G modem, which gives the iPhone 16e nearly 20% better battery life over the flagship iPhone 16. While improved battery life is certainly appealing, there are less obvious but more significant benefits of Apple having end-to-end control over both the software and hardware components.
This is Security Bite, where I share insights on data privacy, vulnerabilities, or emerging threats within Apple’s vast ecosystem of over 2 billion active devices each week.
9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.
Apple has learned some lessons from past vulnerabilities on third-party chips. In 2017, Nitay Artenstein discovered what was known as the Broadpwn flaw—a memory corruption bug in Broadcom’s Wi-Fi chipset firmware that could allow an attacker to execute code remotely within a certain radius. Over a billion Wi-Fi-capable devices and access points, including iPhone 7 and previous generations, were affected. It was not long until 2020 when another vulnerability was discovered on a Broadcom Wi-Fi chipset that left devices exposed to eavesdropping. And that’s just Wi-Fi chips…
The scary part is always how long the vulnerability existed before it was discovered—hopefully by the good guys—and how long it takes to push out a patch afterward. Nobody has control over the former, but in both cases above, it took months between the flaws being reported and patches released. Apple-made components aren’t perfect either, but because the in-house hardware and software teams are already closely integrated, it should, in theory, allow for faster response times without waiting on third-party companies. Apple would just need to queue up a Rapid Security Response, and boom, it’s automatically patched on billions of devices overnight.
A second key benefit lies in the supply chain. Supply chain attacks—where hackers target vendors or suppliers with access to a company’s hardware, software, or network—have surged in recent years.
On April 20, 2021, while Apple was holding its ‘Spring Loaded’ event, it was also facing a situation behind the scenes. The group behind the REvil ransomware claimed to have breached Quanta Computer, a key Apple contractor in Taiwan, obtaining schematics believed to be for upcoming unreleased products, including MacBook designs. Even firms like Apple are only as strong as its weakest link.
It doesn’t matter how good your corporate security posture is if a supplier is breached. For Apple, which relies on a global network of chip manufacturers and component suppliers (like Broadcom, Qualcomm, etc), this is a significant security concern. By developing its own chips, the company can minimize its exposure, decreasing the likelihood of threats.
Of course, this is my security outlook on the firm’s transition to developing more components in-house. I think this is a significant win for consumers, but I’d love to hear what others think! Leave a comment below.
Follow Arin: LinkedIn, Threads, BlueSky, X
More in Apple security
FTC: We use income earning auto affiliate links. More.
